DComTalk.com

Hi all.

I have a Nortel Passport 8610 switch/router. 3.7.7 code.

It connects to a Cisco router via fast ethernet, C2. This Cisco rotuer
has a WAN circuit on the other side of it. I have static routes that
I've added on the Nortel to send traffic destined to certain subnets on
the other side of the WAN. This works great.

Now I also have an older Cisco router, C2, it has a 10MB WAN circuit on
it.

My question is related to link redundancy. I'd like to use this C2
routers link as a backup, failover setup.

Can I add two static routes from the Passport to C1 and C2 (C2 with a
different preference? Higher/Lower number??). There by potentially
sending traffic to both C1 and C2? But I'd like the traffic to
normally go to C1.

Now my wish is to automate the failover to C2 if the C1 WAN dies,
however I could simply pull the LAN plug on C2 and have the traffic go
out C1.

Is this doable? Can you have two static routes to the same destination
going to two separate routers (I'm thinking you'd adjust their
preference or metric on the Nortel, not sure how).

What do you folks think.

Mr4Sale wrote:

Hi all.

I have a Nortel Passport 8610 switch/router. 3.7.7 code.

It connects to a Cisco router via fast ethernet, C2. This Cisco rotuer
has a WAN circuit on the other side of it. I have static routes that
I've added on the Nortel to send traffic destined to certain subnets on
the other side of the WAN. This works great.

Now I also have an older Cisco router, C2, it has a 10MB WAN circuit on
it.

My question is related to link redundancy. I'd like to use this C2
routers link as a backup, failover setup.

Can I add two static routes from the Passport to C1 and C2 (C2 with a
different preference? Higher/Lower number??). There by potentially
sending traffic to both C1 and C2? But I'd like the traffic to
normally go to C1.

Now my wish is to automate the failover to C2 if the C1 WAN dies,
however I could simply pull the LAN plug on C2 and have the traffic go
out C1.

Is this doable? Can you have two static routes to the same destination
going to two separate routers (I'm thinking you'd adjust their
preference or metric on the Nortel, not sure how).

What do you folks think.

Don't know the passport 8600 series switches, so be no means consider
this reply authoritative -- but I used to do exactly what you describe
with my Bay/RS based routers all the time.

I'd be very surprised if what you describe could not be set up
relatively easily on th 8600.

Good deal.

Was it simply a matter of adding two static routes, one to C1 an C2,
but the one to C2 had a different preference number?

What should these be, higher or lower?

In article <11d7oo0l5gjqa03@news.supernews.com>,
T. Sean Weintz <strap@hanh-ct.org> wrote:
:OOPS. One thing I just realized that changes everything - I ONLY had the
:backup route as static. The primary was being learned via OSPF. The
:interface will need to go down before it switches the route over if you
:do the primary as static (I think).

You are right, that does make a big difference.

Vincent C. Jones warns against relying on dual static routes, because
the static route will only be removed if the directly-connected
interface itself goes down.

There are, though, lots of ways to lose connections without the direct
interface going down -- hangs, media convertors dying, transceivers
burning out in one direction only, loss of connectivity more than one
hop away. Because of that, Vincent recommends using mechanisms that
can detect end-to-end (or at least local nearest router to remote
farthest router) connectivity. In his High Availability Networking book,
he explores a number of possible mechanisms. His web site is a good
introduction to the issues.
--
This signature intentionally left... Oh, darn!

Mr4Sale wrote:

Good deal.

Was it simply a matter of adding two static routes, one to C1 an C2,
but the one to C2 had a different preference number?

What should these be, higher or lower?

When I did it on my routers I gave the route to the backup a higher cost
and lower preference. The higher cost (not the lower preference) is
what really makes it the backup route.

OOPS. One thing I just realized that changes everything - I ONLY had the
backup route as static. The primary was being learned via OSPF. The
interface will need to go down before it switches the route over if you
do the primary as static (I think).

Really the best way to do it would be dynamically anyway. Is there any
reason you can't do something like run ospf on the nortel and both cisco's?

Thanks, I can only use Statics. We run OSPF on the Nortel, but the
Ciscos run BGP.

So I should go make the existing statics to a higher preference, I
think it defaulted to 1, first. The cost is 10 I believe.

Then when I have the existing set to say 10 preference, 10 cost, then
add secondary static routes towards C2 as say 2 preference, 20 cost.

If I get paged say on a C1 WAN failure, I'll disable it's interface on
the 8600, then all the routing will go out C2. The way I fix this now
is to add static routes manually to C2 if the link goes down, not fun
keying in 30 some odd statics.

I hear what you're saying about automating this via an enhanced routing
protocol, however I can't do that just yet.

Thanks for all the good advice by the way.

Mr4Sale wrote:

Thanks, I can only use Statics. We run OSPF on the Nortel, but the
Ciscos run BGP.

You may want to look at running BOTH on either the nortel or the cisco?
If you need to have two dynamic protocols sharing route information, BGP
and OSPF are probably the best two to have to mix that way. Given that
there is even an RFC that describes how the two should interact.

So I should go make the existing statics to a higher preference, I
think it defaulted to 1, first. The cost is 10 I believe.

Then when I have the existing set to say 10 preference, 10 cost, then
add secondary static routes towards C2 as say 2 preference, 20 cost.

If I get paged say on a C1 WAN failure, I'll disable it's interface on
the 8600, then all the routing will go out C2. The way I fix this now
is to add static routes manually to C2 if the link goes down, not fun
keying in 30 some odd statics.

I hear what you're saying about automating this via an enhanced routing
protocol, however I can't do that just yet.

Thanks for all the good advice by the way.

Yup, what you describe above should work just fine. Not as automated as
it could be, of course, but you already know that.

From what I remember, in the 8600, with a static route, if the next-hop
ARP entry ages-out, the route will be remove from the fowarding table.


Mr4Sale wrote:

Thanks, I can only use Statics. We run OSPF on the Nortel, but the
Ciscos run BGP.

So I should go make the existing statics to a higher preference, I
think it defaulted to 1, first. The cost is 10 I believe.

Then when I have the existing set to say 10 preference, 10 cost, then
add secondary static routes towards C2 as say 2 preference, 20 cost.

If I get paged say on a C1 WAN failure, I'll disable it's interface on
the 8600, then all the routing will go out C2. The way I fix this now
is to add static routes manually to C2 if the link goes down, not fun
keying in 30 some odd statics.

I hear what you're saying about automating this via an enhanced routing
protocol, however I can't do that just yet.

Thanks for all the good advice by the way.

So if the C1 router is powered of (removing the ARP entry eventually,
not sure of the ARP delay here), it'll switch to C2, that's good to
know.

I have to VPN in, Telnet into the 8600 to check things out, so I'll
stick to removing the C1 port on the 8600. Unfortunately I can't run
EGRP and OSPF on both of these at this time.

Now someone from the Cisco side of the house recommended I take C1 and
C2 (they are on the same 8600 VLAN and IP subnet) and create the
equivilent of VRRP on them. That way if C1's WAN goes down, C2 picks
things up. Not sure how that VRRP equivilent is configured on Cisco.
That may also be a way to smooth this out.

Time to bone up on Cisco IOS I guess.

Julio Arruda wrote:

From what I remember, in the 8600, with a static route, if the next-hop
ARP entry ages-out, the route will be remove from the fowarding table.

Cool. Then he should be all set.

Mr4Sale wrote:

So if the C1 router is powered of (removing the ARP entry eventually,
not sure of the ARP delay here), it'll switch to C2, that's good to
know.

I have to VPN in, Telnet into the 8600 to check things out, so I'll
stick to removing the C1 port on the 8600. Unfortunately I can't run
EGRP and OSPF on both of these at this time.

Now someone from the Cisco side of the house recommended I take C1 and
C2 (they are on the same 8600 VLAN and IP subnet) and create the
equivilent of VRRP on them. That way if C1's WAN goes down, C2 picks
things up. Not sure how that VRRP equivilent is configured on Cisco.
That may also be a way to smooth this out.

Time to bone up on Cisco IOS I guess.

In theory, IOS does support VRRP (from some version, 12.2 maybe ?).
If I had to chose a proprietary protocol, and a standard one, I would go
with the standard.
Is for sure faster than the arp trick, and has the additional advantage
of allowing you to failover in case of 'critical interface failure'
(example, if the first router WAN interface fails, assuming it is the
master VRRP, I would expect in IOS you can force the VRRP master to
abdicate so the other takes over).
This only require that both routers are in the same subnet (VRRP I
mean), but anyway seems to be the case in your network ?

"Mr4Sale" <speichts@gmail.com> said to all and sundry:

I have to VPN in, Telnet into the 8600 to check things out, so I'll
stick to removing the C1 port on the 8600. Unfortunately I can't run
EGRP and OSPF on both of these at this time.

Have you considered running a common protocol between
them? If you set up OSPF on the Cisco and use a
redistribute eigrp <zone> command you can then
inject your Cisco eigrp or BGP routes to the Nortel's OSPF
routes. Likewise you could run BGP on the 8600
so as to receive the Cisco's routes.

If memory is a problem I'd suggest using
RIP2 as the common protocol between them due
to its lower footprint, however it would not allow
for an immediate fail-over and has a few other
inherent limitations. But, if you're looking for
a standard that's supported on practically
everything and easy to debug, it can be a
viable protocol. I'd only use it if I had to
keep my memory or cpu footprint small or
integrate devices that can't handle OSPF
or BGP, but I'm inferring that might be the case.

* Dan Sorenson DoD #1066 ASSHOLE #35 BOTY 1997 viking@svtv.com *
* Vikings? There ain't no vikings here. Just us honest farmers. *
* The town was burning, the villagers were dead. They didn't need *
* those sheep anyway. That's our story and we're sticking to it. *